This little article will describe a little bit of DoS, DDoS and DRDoS.
1. Disclaimer
I'm not responsible for what you will do with the information that this
tutorial contains. This is for educational purposes only. I don't care if you
do something stupid like DoSing someone's computer. Almost forgot: I don't care
about typos, I just made a cheap spelling and grammar check, so please don't
complain.
2. Introduction
DoS stands for Denial of Service. It is an attack known to almost everyone who
is involved with hacking or cracking. A DoS attack is an attack that prevents
someone from using a service, for example crashing the HDD so the victim can't
use the computer. DoS is very old, but around the year 2000 "DDoS attacks" were
in every IT paper; they brought down several huge web servers like Yahoo, CNN,
Amazon, GRC etc. DDoS stands for Distributed Denial of Service; the only
difference is that a DoS comes from one single computer and a DDoS from many.
For example, if a hacker cracks into a couple of home computers, let's say 30
computers, and installs DDoS servers on every one of them, he/she can launch
DoS attacks from all those computers. With me? Good.
3. ICMP attacks
The ICMP attack is an old one. ICMP stands for Internet Control Message
Protocol, by the way :=) ICMP packets are used to see if a host is alive... if
the ICMP packets are too large, the host will slow down or eventually crash. So
how do you launch ICMP attacks? Easy, you can use MS-DOS: you just have to write
this in your MS-DOS prompt: "ping -l 65000 -t ". 65000 is the size of the
packet (obviously).
4. Smurf attacks
It doesn't require a lot to launch a smurf attack; you have to understand the
principle of TCP/IP. For example, if I send ICMP_ECHO packets to a host, the
host will respond with ICMP packets. But let's say I spoof my IP and send
ICMP_ECHO packets to an amplifier network; then my spoofed IP will receive
large amounts of ICMP packets, and you can figure out what will happen.
rurf.c is a good utility for smurfing; you use it like this: "./rurf ".
You can find smurf amplifiers at http://www.powertech.no/smurf/ and http://www.netscan.org.
5. SYN flooding
To understand this you need some basic knowledge about TCP/IP.
SYN packet     Client---------------->Server
SYN/ACK packet Client<----------------Server
ACK packet     Client---------------->Server (established)
After that the client has established a connection with the host and sends
data. Almost forgot, this is called the basic TCP 3-way handshake. To reset the
connection they have to send RST packets. So SYN flooding is basically opening
a lot of useless connections to a host. This can result in taking up all the
system memory or eventually a crash.
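Seen from the server side, the flood described above shows up as handshakes that stop after the SYN. The following is an added example, not part of the original article: it counts such half-open handshakes per service. The packet tuples, the addresses, the timeout and the alert threshold are all constructed assumptions.

```python
from collections import defaultdict

SERVER = ("192.0.2.10", 80)  # constructed documentation address

def sample_packets(flood=200):
    """Constructed capture: (time, src, sport, dst, dport, flags)."""
    pkts = [  # one client that finishes the 3-way handshake
        (0.00, "198.51.100.7", 40000, *SERVER, "S"),
        (0.01, *SERVER, "198.51.100.7", 40000, "SA"),
        (0.02, "198.51.100.7", 40000, *SERVER, "A"),
    ]
    for i in range(flood):  # SYNs whose final ACK never arrives
        src, t = f"203.0.113.{i % 250 + 1}", 1.0 + i * 0.001
        pkts.append((t, src, 1024 + i, *SERVER, "S"))
        pkts.append((t, *SERVER, src, 1024 + i, "SA"))
    return pkts

def half_open(packets, now, timeout=3.0):
    """Count handshakes per (server, port) stuck after the SYN for > timeout."""
    pending = {}  # (client, cport, server, sport) -> time the SYN was seen
    for t, src, sport, dst, dport, flags in packets:
        if flags == "S":
            pending[(src, sport, dst, dport)] = t
        elif flags == "A":    # client's final ACK: connection established
            pending.pop((src, sport, dst, dport), None)
        elif "R" in flags:    # RST from either side tears the handshake down
            pending.pop((src, sport, dst, dport), None)
            pending.pop((dst, dport, src, sport), None)
    counts = defaultdict(int)
    for (_, _, server, port), t in pending.items():
        if now - t > timeout:
            counts[(server, port)] += 1
    return dict(counts)

def flooded_services(packets, now, threshold=100):
    """Services whose half-open count reaches the alert threshold."""
    return sorted(s for s, n in half_open(packets, now).items() if n >= threshold)

if __name__ == "__main__":
    print(flooded_services(sample_packets(), now=10.0))
```

On a live host the same signal appears as a growing number of sockets in the SYN_RECV state; SYN cookies are the usual mitigation.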
6. DRDoS
DRDoS stands for Distributed Reflection Denial of Service: simple ACK flooding.
It means creating a lot of SYN connections with a spoofed IP to many hosts, and
they will respond with ACK packets. That means that my spoofed IP will receive
large amounts of ACK packets.